lightningd: split onion_message hook.

Only way to be sure that plugins don't accidentally respond to onion_message
sent via reply path from another message (which would potentially leak our
identity!).

To quote BOLT #7 (Onion Messages) in the offers PR:

```markdown
The reader:
- MUST ignore any message which contains a `blinding` which it did not expect, or does not contain
  a `blinding` when one is expected.
...
`blinding` is critical to the use of blinded paths: there are various
means by which a blinded path is passed to a node.  The receipt of an
expected `blinding` indicates that blinded path has been used: it is
important that a node not accept unblinded messages when it is expecting
a blinded message, as this implies the sender is probing to detect if
the recipient is the terminus of the blinded path.

Similarly, since blinded paths don't expire, a node could try to use
a blinded path to send an unexpected message hoping for a response.
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell 2020-12-03 20:04:02 +10:30 committed by neil saitug
parent 61422193d9
commit 695a8bd868
1 changed files with 13 additions and 1 deletions

@ -51,12 +51,20 @@ onion_message_hook_cb(struct onion_message_hook_payload *payload STEALS)
tal_free(payload);
}
/* Two hooks, because it's critical we only accept blinding if we expect that
* exact blinding key. Otherwise, we can be probed using old blinded paths. */
REGISTER_PLUGIN_HOOK(onion_message,
plugin_hook_continue,
onion_message_hook_cb,
onion_message_serialize,
struct onion_message_hook_payload *);
REGISTER_PLUGIN_HOOK(onion_message_blinded,
plugin_hook_continue,
onion_message_hook_cb,
onion_message_serialize,
struct onion_message_hook_payload *);
/* Returns false if we can't tell it */
static bool make_peer_send(struct lightningd *ld,
struct channel *dst, const u8 *msg TAKES)
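Review bot: The comment above the two REGISTER_PLUGIN_HOOK calls says a blinding must only be accepted when that exact key is expected, but it does not say where that comparison happens. Both registrations share onion_message_hook_cb and onion_message_serialize, so nothing in these lines performs it. Suggest extending the comment (and the plugin hook documentation) to state that a plugin subscribing to onion_message_blinded must compare the received blinding against one it handed out and drop the message otherwise, and that a plugin on onion_message must not treat what it receives as having arrived over a blinded path.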
@ -113,7 +121,11 @@ void handle_onionmsg_to_us(struct channel *channel, const u8 *msg)
log_debug(channel->log, "Got onionmsg%s%s",
payload->reply_blinding ? " reply_blinding": "",
payload->reply_path ? " reply_path": "");
plugin_hook_call_onion_message(ld, payload);
if (payload->blinding_in)
plugin_hook_call_onion_message_blinded(ld, payload);
else
plugin_hook_call_onion_message(ld, payload);
}
void handle_onionmsg_forward(struct channel *channel, const u8 *msg)
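Review bot: In handle_onionmsg_to_us the new `if (payload->blinding_in)` branch tests only that a blinding is present, not that it is one we issued, so the comparison against the expected key is left entirely to whatever subscribes to onion_message_blinded. A short comment at the branch saying so would stop a later reader assuming the key was validated here. The log_debug call just above still reports only reply_blinding and reply_path; consider adding a " blinding_in" marker there so the debug log shows which hook was called.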